[webkit-changes] [WebKit/WebKit] e80607: Don't create renderer for foreignElement when it h...
Chirag Shah
noreply at github.com
Wed Feb 1 08:33:16 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: e806076966607b8327822663338316299261960b
https://github.com/WebKit/WebKit/commit/e806076966607b8327822663338316299261960b
Author: Chirag M Shah <chirag_m_shah at apple.com>
Date: 2023-02-01 (Wed, 01 Feb 2023)
Changed paths:
A LayoutTests/svg/foreignObject/foreign-object-without-svgroot-crash-expected.txt
A LayoutTests/svg/foreignObject/foreign-object-without-svgroot-crash.html
M Source/WebCore/svg/SVGForeignObjectElement.cpp
Log Message:
-----------
Don't create renderer for foreignElement when it has no parent
https://bugs.webkit.org/show_bug.cgi?id=241778
rdar://102916021
Reviewed by Nikolas Zimmermann.
If the body is replaced by foreignElement, it results in a DOM which
doesn't have anything to render or layout, but it crashes WebKit because
we trip over an assert because isPaintOffsetCacheEnabled is not disabled
(which happens only when there is a SVGRoot). This change makes it so
that we don't generate the useless renderer in the first place, which is
what happens with other SVGElements.
* LayoutTests/svg/foreignObject/foreign-object-without-svgroot-crash-expected.txt: Added.
* LayoutTests/svg/foreignObject/foreign-object-without-svgroot-crash.html: Added.
* Source/WebCore/svg/SVGForeignObjectElement.cpp:
(WebCore::SVGForeignObjectElement::rendererIsNeeded):
Canonical link: https://commits.webkit.org/259685@main
More information about the webkit-changes
mailing list